[Cases] Add new sub feature privilege to prevent access to case setti…

…ngs (#4557) (#4601) Co-authored-by: Nastasha Solomon <[email protected]> Co-authored-by: natasha-moore-elastic <[email protected]> (cherry picked from commit d7987bb)
elastic · Jan 11, 2024 · 7aaf838 · 7aaf838
1 parent 511c053
commit 7aaf838
Showing 1 changed file with 15 additions and 8 deletions.
diff --git a/docs/getting-started/cases-req.asciidoc b/docs/getting-started/cases-req.asciidoc
@@ -1,6 +1,11 @@
 [[case-permissions]]
 = Cases prerequisites
 
+:frontmatter-description: Learn about the {kib} feature privileges required to access {elastic-sec} cases. 
+:frontmatter-tags-products: [security]
+:frontmatter-tags-content-type: [how-to] 
+:frontmatter-tags-user-goals: [configure]
+
 //To view cases, you need the {kib} space `Read` privilege for the `Security` feature. To create cases and add comments, you need the `All` {kib}
 //space privilege for the `Security` feature.
 
@@ -34,21 +39,23 @@ a|
 * **All** for the *Cases* feature under *Security*
 * **All** for the *{connectors-feature}* feature under *Management*
 
-NOTE: Roles without **All** *{connectors-feature}* feature privileges cannot create, add, delete, or modify case connectors.
+[NOTE]
+====
+Roles without **All** privileges for the *{connectors-feature}* feature cannot create, add, delete, or modify case connectors.
+
+By default, **All** for the *Cases* feature allows you to delete cases, delete alerts and comments from cases, and edit case settings. You can customize the sub-feature privileges to limit feature access.
+====
 
 | Give assignee access to cases
-a|
-* **All** for the *Cases* feature under *Security*
+a| **All** for the *Cases* feature under *Security*
 
 NOTE: Before a user can be assigned to a case, they must log into {kib} at least
 once, which creates a user profile.
 
-| Give view-only access for cases | **Read** for the *Security* feature and **All** for the *Cases* feature
-
-| Give access to view and delete cases
-a| **Read** for the *Cases* feature under *Security* with the *Delete* sub-feature selected
+| Give view-only access for cases
+a| **Read** for the *Security* feature and **All** for the *Cases* feature
 
-NOTE: These privileges also enable you to delete comments and alerts from a case.
+NOTE: You can customize the sub-feature privileges to allow access to deleting cases, deleting alerts and comments from cases, and viewing or editing case settings.
 
 | Revoke all access to cases | **None** for the *Cases* feature under *Security*